﻿using System;
using System.Diagnostics.CodeAnalysis;
using System.Security.Principal;
using System.Web.Mvc;
using ENail.ApplicationServices;
using ENail.Domain.Core.Contract.Services;
using ENail.Portal.Web.Models;

namespace ENail.Portal.Web.Controllers
{
    public class LoginController : BaseController
    {
        public IFormsAuthenticationService FormsAuthentication { get; private set; }
        public IMembershipService MembershipService { get; private set; }

        public LoginController(IFormsAuthenticationService formsAuthentication, IMembershipService membershipService)
        {
            FormsAuthentication = formsAuthentication ?? new FormsAuthenticationService();
            //MembershipService = membershipService ?? new UserMembershipService();
            MembershipService = membershipService;
        }

        public LoginController(IMembershipService membershipService) : this (null, membershipService)
        {
        }

        public ActionResult LogOn()
        {
            return View();
        }

        [ValidateInput(false)]
        [AcceptVerbs(HttpVerbs.Post)]
        [SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings", Justification = "Needs to take same parameter type as Controller.Redirect()")]
        //public ActionResult LogOn(string username, string password, string returnUrl)
        public ActionResult LogOn(UserViewModel userViewLogin)
        {
            if (!ValidateLogOn(userViewLogin.Username, userViewLogin.Password))
                return View();

            var user = MembershipService.GetUser(userViewLogin.Username);
            FormsAuthentication.SignIn(user, false);

            //if (!string.IsNullOrEmpty(returnUrl) && returnUrl != "/")
            //    return Redirect(returnUrl);
            //else
                return RedirectToAction("Index", "Entry");
        }

        public ActionResult LogOff()
        {
            FormsAuthentication.SignOut();
            var id = (System.Web.Security.FormsIdentity)System.Web.HttpContext.Current.User.Identity;
            if (System.Web.HttpContext.Current.Cache[id.Name] != null)
                System.Web.HttpContext.Current.Cache.Remove(id.Name);

            return RedirectToAction("Index", "Home");
        }

        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (filterContext.HttpContext.User.Identity is WindowsIdentity)
                throw new InvalidOperationException("Windows authentication is not supported");
        }

        #region Private Methods

        private bool ValidateLogOn(string userName, string password)
        {
            if (String.IsNullOrEmpty(userName))
            {
                ModelState.AddModelError("username", "You must specify a username.");
            }
            if (String.IsNullOrEmpty(password))
            {
                ModelState.AddModelError("password", "You must specify a password.");
            }
            if (ModelState.IsValid && !MembershipService.ValidateUser(userName, password))
            {
                ModelState.AddModelError("_FORM", "The username or password provided is incorrect.");
            }

            return ModelState.IsValid;
        }

        #endregion

    }
}
